In the Claims 
Claims remaining in the application are as follows: 

1. (Currently amended): A Personal Identification Number (PIN) verification
apparatus comprising:

a plurality of cipher blocks linked in a Cipher Block Chain (CBC) and keyed
with a secret PIN Verification Key (PVK);

a first input block coupled to a first cipher block in the CBC chain that receives
a first plaintext block derived from a secret Personal Identification
Number (PIN); and

a second input block coupled to a second cipher block in the CBC chain that
receives a second plaintext block derived from a non-secret entity-
identifier independent of the PIN and receives ciphertext from a cipher
block in the CBC chain.

2. (Currently amended): The apparatus according to Claim 1 further
comprising:

a logical operator that exclusive-ORs the first plaintext block derived from the
secret PIN with an initialization vector to produce an initialized block;

a first encryptor that encrypts the initialized block using triple Data Encryption
Standard (3-DES) encryption to produce a first ciphertext block;

a logical operator that exclusive-ORs the second plaintext block derived from
the non-secret entity-identifier independent of the PIN with the first
ciphertext block to produce a chained block; and

a second encryptor that encrypts the chained block using triple Data
Encryption Standard (3-DES) encryption to produce a second ciphertext
block.

3. (Previously presented): The apparatus according to Claim 2
wherein: 

the PIN verification apparatus operates in a reversible mode that recovers the 
secret PIN from the second ciphertext block. 

4. (Original): The apparatus according to Claim 2 further comprising: 

a logical operator that exclusive-ORs the first ciphertext block with the second 
ciphertext block to produce a third ciphertext block. 

5. (Original): The apparatus according to Claim 4 wherein: 

the PIN verification apparatus operates in an irreversible mode that obstructs 
recovery of the secret PIN. 

6. (Previously presented): The apparatus according to Claim 5 further 
comprising: 

an escrow storage coupled to the second encryptor that stores the second 
ciphertext block. 

7. (Original): The apparatus according to Claim 1 further comprising:

the plurality of cipher blocks that encrypt data according to a triple Data
Encryption Standard (3-DES).

8. (Previously presented): The apparatus according to Claim 1 further 
comprising: 

a format converter coupled to a cipher block in the CBC chain that converts 
hexadecimal digit ciphertext to a decimal result by receiving in 
sequence the hexadecimal digit ciphertext, selecting a predetermined 
number of numeric digits, and generating output digits as a PIN 
Verification Value (PVV).

9. (Original): The apparatus according to Claim 1 further comprising:

the plurality of cipher blocks that encrypt data according to a definition
selected from among a group consisting of triple Data Encryption
Standard (3-DES) and Advanced Encryption Standard (AES) definition.

10. (Currently amended): The apparatus according to Claim 1 further 
comprising: 

a first formatter that constructs a first incoming plaintext block from a 
concatenation of a length digit, x hexadecimal digits of the secret 
Personal Identification Number (PIN) with 16-(x+1) rightmost 
hexadecimal digits of the non-secret entity-identifier; and 

a second formatter that constructs a second incoming plaintext block
independent of the PIN from a concatenation of y hexadecimal digits of
the non-secret entity-identifier with a pad character that is repeated
16-y times.

11. (Currently amended): A method for Personal Identification Number (PIN)
verification comprising:

linking a plurality of cipher blocks in a Cipher Block Chain (CBC);

applying a first incoming plaintext block derived from a secret
Personal Identification Number (PIN) to one of the plurality of cipher
blocks;

applying a second incoming plaintext block derived from a non-
secret entity-identifier independent of the PIN and ciphertext from a
cipher block in the CBC chain to a second of the plurality of cipher
blocks;

keying the plurality of cipher blocks with a secret PIN Verification Key (PVK);
and

executing the plurality of cipher blocks wherein
ciphertext is generated.

12. (Currently amended): The method according to Claim 11 further
comprising:

encrypting data according to a triple
Data Encryption Standard (3-DES) using a plurality of cipher blocks.

13. (Currently amended): The method according to Claim 11 wherein the PIN
verification method further comprises:

operating in a reversible mode that enables recovery of the secret PIN;

exclusive-ORing the first incoming plaintext block derived from the secret PIN 
with an initialization vector to produce an initialized block; 

encrypting the initialized block using triple Data Encryption Standard (3-DES) 
encryption to produce a first ciphertext block; 

exclusive-ORing the second incoming plaintext block derived from the non- 
secret entity-identifier independent of the PIN with the first ciphertext 
block to produce a chained block; 

encrypting the chained block using triple Data Encryption Standard (3-DES) 
encryption to produce a second ciphertext block; and 

supplying the second ciphertext block for PIN verification. 

14. (Currently amended): The method according to Claim 11 wherein the PIN
verification method further comprises:

operating in an irreversible mode that obstructs recovery of the secret PIN;

exclusive-ORing the first incoming plaintext block derived from the secret PIN 
with an initialization vector to produce an initialized block; 

encrypting the initialized block using triple Data Encryption Standard (3-DES) 
encryption to produce a first ciphertext block; 

exclusive-ORing the second incoming plaintext block derived from the non- 
secret entity-identifier independent of the PIN with the first ciphertext 
block to produce a chained block; 

encrypting the chained block using triple Data Encryption Standard (3-DES)
encryption to produce a second ciphertext block;

exclusive-ORing the first ciphertext block with the second ciphertext block to
produce a third ciphertext block; and

supplying the second ciphertext block for PIN verification.

15. (Original): The method according to Claim 14 further comprising:

storing the second ciphertext block in at least one escrow to facilitate recovery
of the secret PIN.

16. (Previously presented): The method according to Claim 11 further
comprising:

converting hexadecimal digit ciphertext generated by a final ciphertext block in
the Cipher Block Chain (CBC) to a decimal result by receiving in
sequence the hexadecimal digit ciphertext, selecting a predetermined
number of numeric digits, and generating output digits as a PIN
Verification Value (PVV); and

using the PVV for PIN verification.

17. (Original): The method according to Claim 11 further comprising:

supplying hexadecimal digit ciphertext generated by a final ciphertext block in
the Cipher Block Chain (CBC) as a PIN Verification Value (PVV).

18. (Original): The method according to Claim 11 further comprising: 

a plurality of cipher blocks that encrypt data according to a definition selected 
from among a group consisting of triple Data Encryption Standard (3- 
DES) and Advanced Encryption Standard (AES) definition. 

19. (Currently amended): The method according to Claim 11 further
comprising:

constructing the first incoming plaintext block from a concatenation of a
length digit, x hexadecimal digits of the secret Personal Identification
Number (PIN) with 16-(x+1) rightmost hexadecimal digits of the non-
secret entity-identifier; and

constructing the second incoming plaintext block from a
concatenation of y hexadecimal digits of the non-secret entity-identifier
with a pad character that is repeated 16-y times wherein the second
incoming plaintext block is independent of the PIN.

20. (Currently amended): A data security apparatus comprising: 

an enrollment terminal configured to accept an entity-selected
secret Personal Identification Number (PIN) and a magnetic stripe card
storing a non-secret entity-identifier independent of the PIN:

a processor coupled to the enrollment terminal that receives the entity- 
identifier and the PIN; and 

a memory coupled to the processor and having a computable readable
program code embodied therein capable of causing the processor to
enroll a PIN comprising linking a plurality of cipher blocks in a Cipher
Block Chain (CBC), applying an incoming first plaintext block derived
from the secret Personal Identification Number (PIN) to one of the
plurality of cipher blocks, applying an incoming second plaintext block
derived from the non-secret entity-identifier that is independent of the
PIN and ciphertext from a cipher block in the CBC chain, keying the
plurality of cipher blocks with a secret PIN Verification Key (PVK), and
executing the cipher blocks resulting in generation of ciphertext PIN
Verification Value (PVV) for usage in performing a subsequent PIN
verification function.



21. (Currently amended): The apparatus according to Claim 20 wherein the
PIN verification function is configured to operate in a reversible
mode that enables recovery of the secret PIN and the memory further comprises:

a computable readable program code capable of causing the processor to
exclusive-OR the first plaintext block derived from the secret PIN with 
an initialization vector to produce an initialized block; 

a computable readable program code capable of causing the controller to 
encrypt the initialized block using triple Data Encryption Standard (3- 
DES) encryption to produce a first ciphertext block; 

a computable readable program code capable of causing the controller to 
exclusive-OR the second plaintext block derived from the non-secret 
entity-identifier that is independent of the PIN with the first ciphertext 
block to produce a chained block; 

a computable readable program code capable of causing the controller to 
encrypt the chained block using triple Data Encryption Standard (3- 
DES) encryption to produce a second ciphertext block; and 

a computable readable program code capable of causing the controller to 
supply the second ciphertext block for PIN verification. 

22. (Currently amended): The apparatus according to Claim 20 wherein the
PIN verification function is configured to operate in an
irreversible mode that obstructs recovery of the secret PIN and the memory further
comprises:

a computable readable program code capable of causing the processor to 
exclusive-OR the first plaintext block derived from the secret PIN with 
an initialization vector to produce an initialized block; 

a computable readable program code capable of causing the controller to 
encrypt the initialized block using triple Data Encryption Standard (3- 
DES) encryption to produce a first ciphertext block; 

a computable readable program code capable of causing the controller to 
exclusive-OR the second plaintext block derived from the non-secret 
entity-identifier that is independent of the PIN with the first ciphertext 
block to produce a chained block; 

a computable readable program code capable of causing the controller to
encrypt the chained block using triple Data Encryption Standard (3-
DES) encryption to produce a second ciphertext block;

a computable readable program code capable of causing the controller to
exclusive-OR the first ciphertext block with the second ciphertext block
to produce a third ciphertext block; and

a computable readable program code capable of causing the controller to
supply the second ciphertext block for PIN verification.



23. (Original): The apparatus according to Claim 22 further comprising:

an escrow storage communicatively coupled to the transaction system and
comprising at least one escrow storage element; and

the memory further comprises a computable readable program code capable
of causing the processor to store the second ciphertext block in the
escrow storage in at least one secret escrow share to facilitate recovery
of the secret PIN.



24. (Previously presented): The apparatus according to Claim 20 
wherein the memory further comprises: 

a computable readable program code capable of causing the processor to 
convert hexadecimal digit ciphertext generated by a final ciphertext 
block in the Cipher Block Chain (CBC) to a decimal result by receiving 
in sequence the hexadecimal digit ciphertext, selecting a predetermined 
number of numeric digits, and generating output digits as a PIN 
Verification Value (PVV); and

a computable readable program code capable of causing the processor to
write the PVV to a magnetic stripe card or a smart card.



25. (Original): The apparatus according to Claim 20 wherein the memory 
further comprises: 

a computable readable program code capable of causing the processor to 
store hexadecimal digit ciphertext generated by a final ciphertext block 
in the Cipher Block Chain (CBC) as a PIN Verification Value (PVV) in a
storage element. 

26. (Original): The apparatus according to Claim 20 wherein: 

the plurality of cipher blocks encrypt data according to a definition selected 
from among a group consisting of triple Data Encryption Standard (3- 
DES) and Advanced Encryption Standard (AES) definition. 

27. (Currently amended): The apparatus according to Claim 20 wherein the
memory further comprises:

a computable readable program code capable of causing the processor to
construct the first incoming plaintext block from a concatenation
of a length digit and x hexadecimal digits of the secret Personal
Identification Number (PIN) with 16-(x+1) rightmost hexadecimal digits
of the non-secret entity-identifier; and

a computable readable program code capable of causing the processor to
construct the second incoming plaintext block from a
concatenation of y hexadecimal digits of the non-secret entity-identifier
with a pad character that is repeated 16-y times wherein the second
incoming plaintext block is independent of the PIN.

28. (Currently amended): A data security apparatus comprising: 

a PIN Verification Value (PVV) database configured to store
a plurality of PIN Verification Values (PVVs) for enrolled magnetic stripe
cards;

an escrow configured to store a plurality of escrow values
associated with at least some of the enrolled magnetic stripe cards; and

a processor coupled to the PVV database and the escrow that receives an
entity-identifier, a PIN Verification Value (PVV) associated to the entity-
identifier, and at least one escrow value associated to the entity-
identifier; and

a memory coupled to the processor and having a computable readable
program code embodied therein capable of causing the processor to
recover a PIN comprising linking a plurality of cipher blocks in a Cipher
Block Chain (CBC), applying an incoming first plaintext block derived
from the PIN Verification Value (PVV) to one of the plurality of cipher
blocks, applying an incoming second plaintext block derived from the
non-secret entity-identifier that is independent of the PIN and ciphertext
from a cipher block in the CBC chain, keying the plurality of cipher
blocks with a secret PIN Verification Key (PVK), executing the cipher
blocks to produce a ciphertext value, and combining the ciphertext
value with the at least one escrow value resulting in recovery of the PIN
verification function.

29. (Currently amended): A data security apparatus comprising:

a transaction terminal adapted to accept an entity-entered
secret Personal Identification Number (PIN') and a magnetic stripe card
storing a non-secret entity-identifier independent of the PIN;

a PIN Verification Value (PVV) database;

a processor communicatively coupled to the transaction terminal that receives
the entity-identifier, the PIN', and coupled to the PVV database and
for retrieving a PIN Verification Value (PVV) associated with
the entity-identifier; and

a memory coupled to the processor and having a computable readable
program code embodied therein capable of causing the processor to
verify the PIN' comprising linking a plurality of cipher blocks in a Cipher
Block Chain (CBC), applying an incoming first plaintext block derived
from the secret entered Personal Identification Number (PIN') to one of
the plurality of cipher blocks, applying an incoming second plaintext
block derived from the non-secret entity-identifier independent of the
PIN' and ciphertext from a cipher block in the CBC chain, keying the
plurality of cipher blocks with a secret PIN Verification Key (PVK),
executing the cipher blocks resulting in generation of ciphertext
transaction PIN Verification Value (PVV); comparing the generated
PVV and the retrieved PVV; and determining PIN verification based on
the comparison.

30. (Currently amended): A transaction system comprising: 
a network; 

a plurality of servers and/or hosts coupled to the network; 

a plurality of terminals coupled to the servers via the network; 

a plurality of magnetic stripe cards enrolled in the transaction system and 
configured for insertion into the on-line terminals and
performing transactions via the servers; and 

a plurality of processors distributed among the servers, hosts, and/or the 
terminals, at least one of the processors being capable of executing 
PIN verification using a magnetic stripe card and having a computable 
readable program code embodied therein capable of causing the 
processor to link a plurality of cipher blocks in a Cipher Block Chain 
(CBC), apply an incoming first plaintext block derived from a secret 
Personal Identification Number (PIN) to one of the plurality of cipher 
blocks, apply an incoming second plaintext block derived from a non- 
secret entity-identifier independent of the PIN and ciphertext from a 
cipher block in the CBC chain, key the plurality of cipher blocks with a 
secret PIN Verification Key (PVK), and execute the cipher blocks 
resulting in generation of ciphertext. 

31. (Currently amended): A data security apparatus comprising:

means for enrolling a transaction card in a data system; and

means for generating a Personal Identification Number (PIN) Verification
Value (PVV) for usage in Personal Identification Number (PIN)
verification further comprising:

means for linking a plurality of cipher blocks in a Cipher Block Chain
(CBC);

means for applying an incoming first plaintext block derived from a
secret Personal Identification Number (PIN) to one of the
plurality of cipher blocks;

means for applying an incoming second plaintext block derived from a
non-secret entity-identifier independent of the PIN to another of
the plurality of cipher blocks;

means for keying the plurality of cipher blocks with a secret PIN
Verification Key (PVK); and

means for generating a PIN Verification Value (PVV) via operation of a
plurality of cipher blocks in the Cipher Block Chain; and

means for writing the PVV to a transaction card for subsequent PIN
verification.
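
The two-block chain of Claims 2 to 5, the block formats of Claim 10 and the decimal conversion of Claim 8, as an added Python example that is not part of the application. Assumptions: a stand-in 64-bit Feistel cipher replaces 3-DES, the IV is all zero, the second block takes the leftmost y=12 identifier digits with pad "F", the third block is the stored value in irreversible mode, a second decimalization pass maps A-F to 0-5, and the key, identifier and PIN are constructed samples.

```python
import hashlib
import hmac

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def round_fn(key: bytes, rnd: int, half: bytes) -> bytes:
    return hmac.new(key, bytes([rnd]) + half, hashlib.sha256).digest()[:4]

# Assumption: stand-in 64-bit block cipher (8-round Feistel over HMAC-SHA256),
# used because 3-DES is not in the standard library. It is NOT 3-DES.
def encrypt_block(key: bytes, block: bytes) -> bytes:
    l, r = block[:4], block[4:]
    for rnd in range(8):
        l, r = r, xor(l, round_fn(key, rnd, r))
    return l + r

def decrypt_block(key: bytes, block: bytes) -> bytes:
    l, r = block[:4], block[4:]
    for rnd in reversed(range(8)):
        l, r = xor(r, round_fn(key, rnd, l)), l
    return l + r

def first_block(pin: str, ident: str) -> bytes:
    # Claim 10: length digit | x PIN digits | 16-(x+1) rightmost identifier digits.
    n = 15 - len(pin)
    return bytes.fromhex(f"{len(pin):X}{pin}" + (ident[-n:] if n else ""))

def second_block(ident: str, y: int = 12, pad: str = "F") -> bytes:
    # Claim 10: y identifier digits | pad repeated 16-y times; no PIN input.
    return bytes.fromhex(ident[:y] + pad * (16 - y))

def chain(pvk: bytes, pin: str, ident: str, iv: bytes = bytes(8)):
    # Claim 2: C1 = E(P1 xor IV), C2 = E(P2 xor C1).
    c1 = encrypt_block(pvk, xor(first_block(pin, ident), iv))
    c2 = encrypt_block(pvk, xor(second_block(ident), c1))
    return c1, c2

def verification_block(pvk, pin, ident, reversible=True) -> bytes:
    c1, c2 = chain(pvk, pin, ident)
    return c2 if reversible else xor(c1, c2)  # Claim 4: C3 = C1 xor C2

def recover_pin(pvk, c2: bytes, ident: str, iv: bytes = bytes(8)) -> str:
    # Claim 3: undo the chain from C2 (held in escrow in irreversible mode).
    c1 = xor(decrypt_block(pvk, c2), second_block(ident))
    p1 = xor(decrypt_block(pvk, c1), iv).hex()
    return p1[1:1 + int(p1[0], 16)]

def verify(pvk, entered_pin, ident, stored: bytes, reversible=True) -> bool:
    candidate = verification_block(pvk, entered_pin, ident, reversible)
    return hmac.compare_digest(candidate, stored)

def decimalize(block: bytes, n: int = 4) -> str:
    # Claim 8: scan the hex digits in sequence and keep the first n numeric ones.
    h = block.hex()
    digits = [c for c in h if c.isdigit()]
    digits += [str(int(c, 16) - 10) for c in h if not c.isdigit()]  # assumed 2nd pass
    return "".join(digits[:n])

PVK = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed sample key
IDENT = "4000001234567890"                               # constructed identifier
```

Holding C3 alone does not let the PVK holder run `recover_pin`; that needs C2, which is why Claims 6 and 15 place the second ciphertext block in escrow.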